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IN THE CLAIMS : 
Amended claims follow: 

1 . (Previously Presented) A method of scanning a communication 
received at a firewall for target content, wherein the communication is directed to 
one of a set of computer nodes connected to the firewall, comprising: 

maintaining on the firewall a scanning module configured to scan 
communications received at the firewall; 

maintaining a set of criteria for determining when one of said 
communications may be scanned at a computer node connected to the 
firewall instead of at the firewall; 

partitioning responsibility for scanning said communications between 
said firewall and a first computer node connected to the firewall; 

receiving a first communication at the firewall, wherein said first 
communication is intended for said first computer node; 

identifying one or more attributes of said first communication; 

determining from said criteria and said attributes whether to scan said 
fnst communication for target content on the firewall; 

determining from said criteria and said attributes whether said first 
computer node is configured to scan said first communication for said target 
content; and 

forwarding said first communication to said first computer node; 
wherein said first computer node receives and scans the 
communication for said target content; 

wherein said partitioning comprises: 

receiving scanning capabilities of a first computer node connected to 
the firewall; 

consulting a set of scanning requirements specified by an operator of 
the firewall; and 

specifying a set of criteria to identify when a communication may be 
scanned for target content by said first computer node. 
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2. (Original) The method of claim 1 , further comprising: 
receiving a second communication at the firewall, wherein said 

second communication is intended for a second computer node; 

identifying one or mote attributes of said second communication; 

determining from said criteria and said attributes of said second 
communication whether said second computer node is permitted to scan said 
second corrrmunication for predetermined content; 

scanning said second communication at the firewall for said 
predeterrnined content; and 

forwarding said second communication to said second computer 

node; 

wherein said second computer node receives but does not scan said 
second communication for said predetermined content 

3. (Cancelled) 

4. (Cancelled) 

5. (Previously Presented) The method of claim 1 , wherein said 
partitioning further comprises receiving a set of proposed criteria from said 
first computer node. 

6. (Cancelled) 

7. (Currently Amended) A method of protecting a network of computer 
nodes from computer viruses, wherein the network of computer nodes is 
connected to a firewall, comprising: 

maintaining a set of scanning rules for deterrruriing when a 
communication received at a firewall is to be scanned on the firewall and 
when said coiumunication may be scanned by the destination node of said 
conrmunication; 
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receiving a first communication at the firewall, wherein said first 
communication is intended for a first computer node connected to the 
firewall; 

deterniinjng whether a first virus scanner is enabled on the firewall; 
determining whether a second virus scanner is enabled on said first 
computer node; 

identifying a first set of attributes of said first communication; 

determining from said first set of attributes and said rules that said 
first communication is to be scanned on said first computer node; 

forwarding said first communication to said first computer node 
without scanning said first communication for computer viruses, wherein 
said first computer node scans said first communication for computer viruses 
using said second virus scanner; 

receiving a second communication at the firewall; 

identifying a second set of attributes of said second communication; 

determining from said second set of attributes and said rules that the 
firewall is responsible for scanning said first communication for computer 
viruses; and 

operating said first virus scanner to scan said second communication 
for computer viruses; 

wherein said set of scanning rules comprises: 

a first subset of scanning rules for determining when said 
communication may be scanned for target content by a destination node of 
said communication instead of the firewall; and 

a second subset of scanning rules for determining when said 
communication is to be scanned on said destination node and not on the 
firewall; 

wherein negotiating between the firewall and said first node defines 
said first subset of said scanning rules . 



8. 



(Cancelled) 



9. 



(Cancelled) 
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10. (Cancelled) 

1 1 . (Currently Amended) [The method of claim 7, farther comprising] A 
method of protecting a network of computer nodes from computer viruses, 
wherein the netwoik_ofj;omputer nodes is connected to a firewall, 
comprising: 

maintaining a set of scanning rules for determining when a 
communication received at a firewall is to be scanned on the firewall and 
when said communication may be scanned by the destination node of said 
communication: 

receiving a first communication at the firewall, wherein said first 
communication is intended for a first computer node connected to the 
firewall: 

determining whether a first virus scanner is enabled on the firewall; 
determining whether a second virus scanner is enabled on said first 
computer node; 

identifying a first set of attributes of said first communication: 
detenriining from said first set of attributes and said rules that said 

first communication is to be scanned on said first computer node: 

forwarding said first communication to said first computer node 

without scanning said first communication for computer viruses, wherein 

said first computer node scans said first communication for computer viruses 

using said second virus scanner: 

receiving a second communication at the firewall: 

identifying a second set of attributes of said second communication: 

determining from said second set of attributes and said rules that the 

firewall is responsible for scanning said first communication for computer 

viruses: and 

operating said first virus scanner to, scan said second communication 
for computer viruses: 

wherein said set of scanning rules comprises: 
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a first subset of scanning rules for deter minin g when said 
communication may be scanned for target content by a destination node of 
said communication instead of the firewall; and 

a second subset of scanning rules for deterammg when said 
communication is to be scanned on said destination node and not on the 
firewall; 

[receiving ] wherein s aid second subset of said scanning rules is 
received from a firewall administrator. 

12. (Currently Amended) The method of claim [10]7 wherein said 
negotiating comprises: 

establishing a secure connection between the firewall and said first 

node; 

receiving at the firewall a proposed set of criteria for determining 
when said first node shall scan a communication instead of the firewall; and 

detemuning whether said proposed set of criteria conflicts with said 
second subset of said scanning rules. 

1 3 . (Currently Amended) The method of claim [ 1 0]7, wherein said 
negotiating further comprises providing said first subset of said scanning 
rules to said first node. 

14. (Currently Amended) The method of claim [10]2> wherein said 
negotiating further comprises sending an updated version of said second 
virus scanner to said first node. 

15. (Currently Amended) The method of claim [10]7, wherein said 
negotiating is performed after said second virus scanner is configured on said 
first node by a user. 

1 6. (Currently Amended) The method of claim [ 1 0]7, wherein said 
negotiating is performed after said first node is rebooted. 
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1 7. (Previously Presented) A computer readable storage medium storing 
instructions that, when executed by a computer, cause the computer to 
perform a method of scanning a communication received at a firewall for 
target content, wherein the communication is directed to one of a set of 
computer nodes connected to the firewall, the method comprising: 

maintaining on the firewall a scanning module configured to scan 
communications received at the firewall; 

maintaining a set of criteria for detexmining when one of said 
communications may be scanned at a computer node connected to the 
firewall instead of at the firewall; 

partitioning responsibility for scanning said communications between 
said firewall and a first computer node connected to the firewall; 

receiving a first communication at the firewall, wherein said first 
communication is intended for said first computer node; 

identifying one or more attributes of said first communication; 

determining from said criteria and said attributes whether to scan said 
first communication for target content on the firewall; 

determining from said criteria and said attributes whether said first 
computer node is configured to scan said first communication for said target 
content; and 

forwarding said first communication to said first computer node; 
wherein said first computer node receives and scans the 
communication for said target content; 

wherein saidpartitioning comprises: 

receiving scanning capabilities of a first computer node connected to 
the firewall; 

consulting a set of scanning requirements specified by an operator of 
the firewall; and 

specifying a set of criteria to identify when a communication may be 
scanned for target content by said first computer node. 

18, -22. (Cancelled) 
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